Vulnerabilities > SAP > Application Interface Framework > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-29110 Cross-site Scripting vulnerability in SAP products
The SAP Application Interface (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 100, 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows the usage HTML tags.
network
low complexity
sap CWE-79
5.4
5.4
2023-04-11 CVE-2023-29111 Unspecified vulnerability in SAP Application Interface Framework 755/756
The SAP AIF (ODATA service) - versions 755, 756, discloses more detailed information than is required.
network
low complexity
sap
4.3
4.3
2023-04-11 CVE-2023-29109 Improper Neutralization of Formula Elements in a CSV File vulnerability in SAP products
The SAP Application Interface Framework (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755, 756, SAP_ABA 75C, 75D, 75E, application allows an Excel formula injection.
network
low complexity
sap CWE-1236
4.6
4.6